commit 85ce6234554dff849d61c2f46ee8ea2cbd4d6700
parent 10c8cc5879c3c3d0b8d9e45229888aef7f9fb535
Author: David Goulet <dgoulet@torproject.org>
Date: Wed, 26 Mar 2025 18:03:45 +0000
Merge branch 'bug40802' into 'main'
resolve scary vanguard-related log msgs on dir auths
See merge request tpo/core/tor!873
Diffstat:
2 files changed, 18 insertions(+), 3 deletions(-)
diff --git a/changes/bug40802 b/changes/bug40802
@@ -0,0 +1,9 @@
+ o Minor bugfixes (directory authorities):
+ - After we added layer-two vanguards, directory authorities wouldn't
+ think any of their vanguards were suitable for circuits, leading
+ to a "Failed to find node for hop #2 of our path. Discarding
+ this circuit." log message once per second from startup until
+ they made a fresh consensus. Now they look to their existing
+ consensus on startup, letting them build circuits properly from
+ the beginning. Fixes bug 40802; bugfix on 0.4.7.1-alpha.
+
diff --git a/src/feature/nodelist/nodelist.c b/src/feature/nodelist/nodelist.c
@@ -761,15 +761,21 @@ nodelist_set_consensus(const networkstatus_t *ns)
}
node_set_country(node);
- /* If we're not an authdir, believe others. */
- if (!authdir) {
+ /* Set node's flags based on rs's flags. */
+ {
node->is_valid = rs->is_valid;
node->is_running = rs->is_flagged_running;
node->is_fast = rs->is_fast;
node->is_stable = rs->is_stable;
node->is_possible_guard = rs->is_possible_guard;
node->is_exit = rs->is_exit;
- node->is_bad_exit = rs->is_bad_exit;
+ if (!authdir) {
+ /* Authdirs treat is_bad_exit specially in that they only assign
+ * it when the descriptor arrives. So when a dir auth is reading
+ * the flags from an existing consensus, don't believe the bit
+ * here, else it will get stuck 'on' forever. */
+ node->is_bad_exit = rs->is_bad_exit;
+ }
node->is_hs_dir = rs->is_hs_dir;
node->ipv6_preferred = 0;
if (reachable_addr_prefer_ipv6_orport(options) &&
